[Bug 2545] reverse DNS lookups shouldn't block login
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Sun Feb 28 10:59:53 AEDT 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2545
Damien Miller <djm at mindrot.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |WONTFIX
CC| |djm at mindrot.org
--- Comment #1 from Damien Miller <djm at mindrot.org> ---
We don't intend to fix this.
With UseDNS=yes, we need the remote hostname fairly early in the
connection life for sshd_config Match and authorized_keys restrictions,
so doing the lookup asynchrounously wouldn't really help - we'd need to
block at those points anyway until we get an answer.
UseDNS=no is the default for this reason (among others).
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list